489 Threat Modeling Jobs - Page 8

Role & responsibilities 1 1 . Vulnerability Assessment & Management. Coordinate with IT teams to patch systems and applications based on critical vulnerabilities. Assess and mitigate security risks associated with new software, systems, and third-party services. 2. Compliance & Risk Management Ensure compliance with industry standards (ISO 27001, NIST, GDPR, SOC 2) and regulatory requirements. Perform risk assessments to evaluate the effectiveness of existing security controls. Work with internal teams to implement best practices for secure configurations and data protection. 3. Security Architecture & Implementation Assist in designing and implementing secure architectures for cloud, on-premises, and hybrid environments. Evaluate and recommend new cybersecurity tools and technologies. Preferred candidate profile Experience: 4-8 Years Location: Pune / Chennai / Bangalore Employment Type: Permanent Full Time Mandatory Skill: Vulnerability Assessment & Management, Security Architecture & Implementation *** Looking up for candidates who can join in 0-30 Days max **** (Please don't apply if you are NP is more than 30 days) If you are interested in above JD kindly share resume to lakshmi.naidu@citiustech.com with below details: Total Experience: Relevant Experience: Current CTC: Expected CTC: Notice Period: Current Location

Job Summery As the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices across WTW. Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards. You will need to take a leadership role in building security testing framework for web-based applications which includes Threat Profiling, DAST, SAST, Security Architecture, and Penetration testing. In this role, you are expected to understand the organizations information & cyber security strategy and standards while working collaboratively with technology teams to implement and maintain sound security practices. This role resides in our Information & Cyber Security (ICS) team within Corporate IT. Role & responsibilities Build and maintain effective relationship with technology teams and ICS stakeholders Foster a culture of information and cyber security best practices though awareness and support Stay up to date with the latest application security developments and security trends to continually improve internal processes Hold good understanding of Application & Infrastructure testing methodology & support development teams in the remediation of vulnerabilities Work with development teams to improve the secure software development lifecycle Engage in information security activities to support client/business engagements i.e., incidents, vulnerabilities, development lifecycles, risk management and emerging threats Ability to coordinate and execute security testing for applications and cloud environments Engage with key stakeholders to support internal and external audit activities to ensure compliance with regulations such as: SOC, FCA, NYDFS, GDPR, HIPAA Demonstrate a good understanding of security regulations and data privacy laws Support the risk identification & exceptions management process Manage and oversee adhoc projects related to maturing information and cyber security controls across the organization Preferred candidate profile Degree in a relevant Information Technology area preferably with a focus on information security Significant experience in managing and patching vulnerabilities across a host of assets Expert understanding of all aspects of information security principles, policy and its application in business and technology areas Understanding of core cloud security principles Knowledge and experience on supporting information security audits Client focus: ability to engage positively with WTW clients and business stakeholders. Information Security specific certification is desirable (such as CISM, CISSP, CISA, CEH)

Position: Information Technology Risk Management Consultant Location: Chennai Experience: 8-12 years Education: B.E./ B.Tech./MCA Role Overview Responsible for developing, implementing, and maintaining the organisation’s IT Risk Management framework. This role focuses on identifying, assessing, and mitigating risks to protect information assets, ensure regulatory compliance, and enhance overall IT governance. The position requires a deep understanding of risk frameworks, threat modelling, control evaluation, and GRC tools, combined with strong stakeholder management skills. Job Profile: Conduct comprehensive risk assessments: identification, impact analysis, heatmap/matrix creation, inherent vs. residual risk scoring, and control gap analysis. Perform threat modelling and develop detailed risk scenarios for IT infrastructure, applications, and cloud environments. Align IT risk practices with industry frameworks and standards (ISO 27005/27001, NIST RMF, PCI DSS, DORA). Evaluate and maintain IT controls and security posture, recommending enhancements where necessary. Support internal and external IT audit processes, ensuring timely remediation of findings. Work with GRC teams (ServiceNow GRC, RSA) to track and manage risk compliance workflows. Prepare and present risk dashboards, KRIs, and management reports to senior leadership. Desired Skills Proven experience in IT Risk Management frameworks, threat modelling, and risk scenario planning. Strong understanding of regulatory requirements and compliance frameworks. Expertise in GRC platforms (ServiceNow GRC, RSA). Proficiency in risk scoring methodologies and control gap analysis. Preferred Certifications CRISC – Certified in Risk and Information Systems Control / CISSP - Certified Information Systems Security Professional (Preferred) PMI-RMP – Project Management Institute Risk Management Professional (Optional) ISO 27001 / 27005 Risk Manager Certification (Optional)

The Opportunity As a Threat Intelligence Senior Manager, you will be analyzing the cyber threat landscape and associated tactic, techniques and procedures to determine which threats increase FICOs risk exposure. You will lead and inspire a team of security researchers, setting research priorities and guiding projects to advance the understanding of emerging cyber threats. - Hiring Manager. What Youll Contribute Lead the development and delivery of strategic threat intelligence briefings and reports, ensuring findings are actionable and aligned with executive decision-making needs. Define, prioritize, and drive intelligence requirements that proactively strengthen the organizations cybersecurity posture and support cross-functional risk mitigation strategies. Oversee the integration and analysis of multi-source technical indicators to identify trends, emerging threats, and high-confidence Indicators of Compromise (IOCs) with strategic business implications. Maintain situational awareness of the global threat landscape, ensuring leadership is informed of relevant shifts in adversary capabilities and intent. Direct long-term tracking and analysis of Advanced Persistent Threat (APT) actors, including TTPs, infrastructure, and campaign evolution, to inform risk models and defense strategies. Guide the implementation of threat hunting methodologies using SIEM and advanced telemetry to surface adversarial tactics, techniques, and procedures across the enterprise. Sponsor and oversee the use of statistical, spatial, and qualitative threat modeling techniques to deliver high-impact intelligence assessments that inform both security operations and executive risk discussions. Lead efforts to synthesize complex datasets from multiple sensors and intelligence sources into cohesive, business-relevant threat intelligence outputs. Leverage deep expertise in adversary tradecraft to shape and evolve detection capabilities, enabling preemptive identification of emerging attack vectors and vulnerabilities. What Were Seeking Bachelors Degree and 10 years of experience in a related field. Strong research, analytical, writing, briefing, and interpersonal skills. Strong experience in the field of analyzing the Cyber Threat Landscape to determine adversary targeting, tactics, techniques, and procedures. Experience conveying technical information to a broad range of non-technical audience. Ability to work independently, as well as mentoring other team members. Understanding MITRE ATT&CK as well as Cyber Kill Framework. Our Offer to You An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.

This Position reports to: R&D Unit Lead Your role and responsibilities Security Architecture: Design and implement security architecture and controls for new and existing products. Secure Coding Practices: Educate and advocate for secure coding practices among development teams through workshops, training sessions, and documentation. Code Review: Review source code for security vulnerabilities and provide actionable feedback to development teams. Security Assessments: Conduct regular security assessments, including threat modeling, Attack Surface Analysis, Critical Analysis. Tool Implementation: Evaluate and implement application security tools (e.g., static and dynamic analysis tools) to automate security testing processes. Incident Response: Assist in incident response activities related to application security breaches, including root cause analysis and remediation strategies. Collaboration: Work closely with cross-functional teams, including software developers, DevOps, and IT security, to ensure security considerations are integrated into the development process. Monitoring and Reporting: Monitor application security metrics and provide regular reports to management on security posture and compliance. Qualifications for the role Understanding of programming languages such as C#, Rust, Python, or JavaScript. Proficient knowledge of application security principles and best practices related to secure coding. Thorough understanding of application security principles like network security, encryption, access management and their best practices. Experience with security tools and processes such as SAST, DAST, SCA, and vulnerability scanners (e.g., SonarQube, OWASP ZAP, Nessus, Invicti) Knowledge of security frameworks (e.g., OWASP Top Ten, NIST, IEC 62443, ISO 27001).Knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features. Practical Experience with containerization and orchestration tools such as Docker and Kubernetes Certifications: Relevant certifications include Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Offensive Security Certified Professional (OSCP). Proficient in verbal and written communication, capable of explaining complex security topics in an accessible manner to those unfamiliar with the technical details.

BMC is looking for an Experienced Information Security Engineer to join our amazing global Corporate Cybersecurity team! In this role, you will build out, maintain, and troubleshoot our information security systems, while supporting internal customers. You will have the opportunity to learn multiple tools and technologies across multiple security domains. So, if youre committed to customer services, an awesome team player and enjoy building relationship this is the role for you! Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Deploy and maintain security tools and systems. Develop, analyze, and implement security specifications. Participate in incident response and break/fix situations as needed. Develop documentation to support ongoing security systems operation. Analyze system services, operating systems, networks, and applications from a security perspective discovering security issues that appear under new threat scenarios. Create custom use cases, system alarms, correlation signatures, watch lists and 20 plus custom regex parsers to meet customer's IT security needs. Support onboarding and maintenance of a wide variety of data sources to include various OS, appliance, and application logs. To ensure youre set up for success, you will bring the following skillset & experience: 5+ years of experience in Information Security Engineering Experience in Windows, Unix/Linux, and/or network administration experience. Deep understanding of information security threat landscape, and prior experience with threat modeling, including usage of relevant tools and technologies. Experience in networking protocols and services (FTP, HTTP, SSH, SMB, LDAP) Good problem solving and troubleshooting skills. Excellent interpersonal communication skills, with ability to work as a part of a team, as well as independently. Whilst these are nice to have, our team can help you develop in the following skills: Previous experience in other IT roles (such as System Administrator, Networking Engineer etc.) Experience working with SIEM technologies, threat hunting, and pen-testing tools and technologies, and working with malware analysis. Understanding of basic routing principles and networking fundamentals Knowledge of basic functions of operating systems Bachelors degree or equivalent security-related course CA-DNP

This Position reports to: BU Digital Leader Your role and responsibilities: In this role, you will have the opportunity to define and implement ABBs cybersecurity strategy aligned with the overall strategy and business needs. Each day, you will manage cybersecurity risks that could affect the ABB brand and customer base for all ABB offerings, in a cost-effective way. You will also showcase your expertise by collaborating with businesses to protect and grow revenue by effectively addressing customer cybersecurity expectations and actively driving cybersecurity opportunities and demand. The work model for the role is: #LI-Onsite This role is contributing to the Motion Business in Service division in Bangalore, India. You will be mainly accountable for: Be accountable for identifying, reporting, and mitigating cybersecurity risks within the division, including impact assessments on financial, safety, and operational aspects. Support and influence the execution of ABBs cybersecurity strategy within the Motion Services division, aligning with group-level initiatives and standards. Represent the division in the Group Cybersecurity Council, contributing to the development of global cybersecurity policies, standards, and guidelines. Provide cybersecurity requirements for offerings, conducts threat modeling and assessments, and ensures compliance with relevant regulations and certifications. Act as a cybersecurity expert for customers, guides product managers, and drives internal awareness through training and assessments. Maintain awareness of emerging cybersecurity trends and technologies, ensuring the division stays ahead of evolving threats and market expectations. Qualifications for the role: B.E., B.Sc. or M.Sc. in Cybersecurity, computer science, communications and information technology, mathematics or a related field Excellent interpersonal communication skills in English Strong command and several years experience in IT Cybersecurity operational topics for cloud-based systems In-depth knowledge of existing and evolving regulations and security standards for IoT based offering or industrial offering in general Independent, cooperative and emphatic with colleagues, first leadership experience Knowledge of tools and processes around SecDevOps, standards like CRA, NIS-2, IEC62443 and SOC-2 Knowledge of threat modeling, security monitoring tools, application of cryptography, Cybersecurity testing and forensics is a plus

Apply away if wiling to relocate KSA Devices & Telco Security (DTS) Team DTS Tower Lead / Consultant Purpose: Lead IoT and telco device security programs. Responsibilities: Oversee security of network devices, base stations, IoT endpoints. Ensure compliance with telecom security standards (3GPP, GSMA). Skills: Telco networks, IoT security, OT security. Experience: 810 years. Must Have: IoT/OT/Telco infra security, 10+ years exp, strategy & leadership. Good To Have: 5G & Edge security knowledge, telecom compliance. Tool: Palo Alto IoT, Forescout, Fortinet OT Security, Zscaler IoT. Comments: Ensures device and telco infra security framework. IoT / Devices Security Specialist Purpose: Implement and monitor device security controls. Responsibilities: Harden IoT and telco devices. Monitor endpoint security events. Skills: IoT protocols, MDM, EMM solutions. Experience: 35 years. Must Have: IoT protocols (MQTT, CoAP), endpoint device hardening. Good To Have: OT security, industrial control system exposure. Tool: Forescout, Trend Micro IoT Security, Fortinet. Comments: Focus on IoT endpoint & device protection. Senior IoT / Devices Security Specialist Purpose: Advanced threat detection and remediation for devices. Responsibilities: Investigate device-specific attacks. Implement firmware integrity checks. Skills: Embedded security, secure boot, threat modeling. Experience: 57 years. Must Have: 5+ years IoT/OT security, network segmentation, forensic experience. Good To Have: 5G security, MDM/EMM integration. Tool: Microsoft Intune, Forescout, Palo Alto IoT. Comments: Leads IoT/OT threat hunting, advanced config. IoT / Devices Security Consultant Purpose: Advise on IoT/telco device security strategy. Responsibilities: Conduct device security assessments. Recommend architecture improvements. Skills: IoT security frameworks, supply chain risk assessment. Experience: 8+ years. Must Have: Consulting, risk assessments for IoT/OT environments. Good To Have: Industry verticals (energy, healthcare, telco). Tool: OT/IoT assessment tools, Fortinet OT, Tenable.ot. Comments: Advisory-oriented role bridging business with tech. Show more Show less

Apenetration testing (PenTest) and disaster recovery (DR) test job description typically requires candidates to have expertise in both cybersecurity and business continuity. The role involves conducting authorized simulated attacks to identify vulnerabilities in systems and infrastructure, developing and testing DR plans, and providing recommendations for improvement. Penetration Testing (PenTest) Responsibilities : Vulnerability Assessment: Identify weaknesses in computer systems, networks, and applications. Simulated Attacks: Perform ethical hacking exercises to mimic real-world attacks. Reporting and Recommendations: Document findings and provide actionable recommendations for remediation. Staying Updated: Keep abreast of the latest cybersecurity threats and trends. Disaster Recovery (DR) Testing Responsibilities: DR Plan Development: Contribute to the development and maintenance of DR plans. Testing and Validation: Conduct DR tests to validate the effectiveness of the plan and identify gaps. Communication: Communicate with stakeholders regarding DR testing procedures and results. Improvement: Suggest improvements to the DR plan based on testing findings. Key Skills and Requirements : Technical Expertise: Strong understanding of operating systems, networking, and programming languages. Security Knowledge: Familiarity with cybersecurity best practices, threat models, and security tools. Communication Skills: Ability to communicate findings and recommendations to both technical and non-technical audiences. Analytical Skills: Ability to analyze root, identify trends, and develop solutions. Problem-solving Skills: Ability to troubleshoot issues and implement fixes. Additional Information: Certifications: Relevant certifications like CompTIA PenTest+, CEH, or CISSP can be beneficial. Experience : Experience in cybersecurity,penetration testing, and/or disaster recovery is usually required

Job Summary We are seeking a skilled Cybersecurity Engineer to design, implement, and manage security controls, ensuring compliance with ISO/IEC 27001, 27002, and ISO 13485 standards. The role involves integrating security practices into the SDLC , supporting audits, performing threat modeling, managing vulnerabilities, and fostering a strong security culture. Key Responsibilities Implement and monitor security controls within the SaaMD development lifecycle. Ensure compliance with ISO standards and support internal/external audits. Conduct threat modeling, penetration testing, and code analysis. Manage vulnerabilities and drive remediation across teams. Prepare detailed security reports and communicate risks to stakeholders. Deliver security awareness training and promote secure development practices. Qualifications Bachelors in Computer Science, Information Security, or related field. 3+ years of cybersecurity engineering experience, preferably in healthcare or regulated environments. Strong knowledge of ISO/IEC 27001, 27002, and ISO 13485 . Hands-on experience with pen-testing and vulnerability scanning tools (e.g., BurpSuite, nmap, Wireshark, Grype, Dockle, Trivy, Deptrack). Familiarity with DevSecOps , CI/CD pipelines, Docker, and Kubernetes. Preferred Certifications CISSP, CEH, OSCP, CISM, or ISO/IEC 27001 Lead Implementer. Skills Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Proactive, detail-oriented, and collaborative mindset.

About Us Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytms mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology. Key Responsibilities: Lead, mentor, and manage a high-performing team of 20+ Application Security Engineers, promoting a culture of continuous improvement and collaboration. Develop and implement a comprehensive application security strategy, identifying, assessing, and mitigating risks across the organizations software development lifecycle. Oversee application security testing, vulnerability assessments, code reviews, and penetration testing efforts to ensure adherence to best security practices throughout the development process. Collaborate with cross-functional teams (Engineering, DevOps, Product Management, etc.) to integrate security seamlessly into the product development lifecycle. Lead response efforts to application security incidents, ensuring effective detection, containment, and resolution. Stay current with the latest security threats, trends, and best practices to continuously improve the team's capabilities and knowledge. Establish and enforce application security policies, standards, and guidelines to ensure a consistent approach to security across all applications. Drive and execute training programs to elevate the security awareness of development and engineering teams. Provide regular security performance reports and risk mitigation updates to senior leadership. Required Qualifications: Bachelor's degree in Computer Science, Information Security, or related field (Masters preferred). 15+ years of experience in application security, with at least 5 years in a leadership or managerial role. Proven track record of successfully managing and scaling security engineering teams of 20+ engineers. Deep expertise in secure coding practices, vulnerability assessments, penetration testing, and threat modeling. Extensive hands-on experience with modern application security tools (e.g., SAST, DAST, SCA, IAST). Strong knowledge of web application technologies, cloud platforms (AWS, Azure, GCP), and secure development practices. Thorough understanding of compliance requirements (e.g., GDPR, HIPAA, SOC 2) and the ability to integrate security measures within legal and regulatory frameworks. In-depth experience with secure SDLC, CI/CD pipeline integration, and DevSecOps practices. Excellent communication skills with the ability to articulate complex security concepts to both technical and non-technical stakeholders. Strong leadership and team-building skills, with a focus on fostering a culture of security excellence. Desired Skills: Certifications in application security (e.g., CISSP, OSCP, GWAPT) are highly preferred.Experience with vulnerability management, threat intelligence, and risk management frameworks.Familiarity with container security, microservices, and serverless architecture.Proven ability to influence cross-functional teams to prioritize security in development processes. Compensation If you are the right fit, we believe in creating wealth for you. With enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants- and we are committed to it. Indias largest digital lending story is brewing here. Its your opportunity to be a part of the story!

Role Title: L2/L3 Support Engineer – Micro-Segmentation (Network Security & Segmentation) Location: Chennai Experience: 6-12 years Role Overview Responsible for designing, implementing, and supporting advanced network segmentation solutions to strengthen enterprise security. The role requires expertise in traffic flow analysis, Zero Trust Architecture, application dependency mapping, and hands-on experience with Illumio, Octoflow, and DevSecOps security tools. Key Responsibilities Analyze L2–L7 traffic flows; perform packet capture/analysis (Wireshark, tcpdump). Manage ports, protocols, and service communications for secure segmentation. Conduct application dependency mapping and align with Zero Trust principles. Deploy and manage Illumio PCE for workload visibility, policy creation, and enforcement. Utilize Octoflow for investigation and policy automation. Integrate secrets and certificate management (CyberArk, Vault, HSM-CipherTrust, PKI/Forgerock). Troubleshoot complex segmentation/security issues; support design & architecture discussions. Document network architectures, segmentation policies, and troubleshooting procedures. Must-Have Skills Strong understanding of L2–L7 network traffic flows, ports, and protocols. Proficiency in packet analysis (Wireshark, tcpdump). Expertise in Zero Trust Architecture & application dependency mapping. Hands-on with Illumio PCE and Octoflow. Experience with DevSecOps integration (CyberArk, Vault, CipherTrust). Solid knowledge of PKI & related tools. Desired Skills Security automation & orchestration experience. Cloud/hybrid network segmentation. Container security (Kubernetes, Docker). Scripting (Python, Bash). Threat modeling & risk-based segmentation. Preferred Certifications Illumio Certified Engineer GIAC GSEC / GCSA Zero Trust Certified Architect (ZTCA) CyberArk, HashiCorp Vault, PKI certifications Network+ / CCNA / CCNP

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the worlds biggest challenges. We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customers business critical applications. What is Security Products Group at OCI? OCI Security Products Group is building comprehensive product portfolios to protect customers cloud environments with innovative approaches and hyperscale efficiency. Our core security pillars are: customer isolation, data encryption, security controls, visibility. Our vision is to build the most secure cloud environment for our customers to build their applications confidently on top of OCI. We are making strategic decision to heavily invest on detecting system vulnerabilities and threat activities, correlate and analyze problems, then remediate, notify and block attacks from malicious actors against customer cloud environment. We offer a rich set of services to help our customer to secure their data, flexible access to their environment, detect the vulnerabilities and treats in their environment, source code, applications and containers, take remediations to protect customers based on the industry best practice such as CVE and CIS. Our solutions will ensure customers confidently build their business in Oracle Cloud. Who are we looking for? Were looking for a Software Development Manager with expertise and passion in building teams, coaching individuals, and solving difficult problems in distributed systems, virtualized network infrastructure, and highly available services. These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives within the software assurance and security areas. As a Software Development Manager, you and your team ( direct or dotted line) will solve exciting technical challenges by analyzing, troubleshooting, and designing vital Oracle Cloud services, platforms, and infrastructure while always thinking about reliability, scalability, resilience, security, and performance. You will focus on engineering improvements to the systems that will eliminate whole classes of issues. What You'll Do Service Accountability You will lead a team whose mission is to build/manage a SaaS service that is highly performant, scalable, and reliable. Ownership Scope You own the performance of the service as well as the roadmap to determine the key features required by our customers and partner teams. Operations Engineering You will understand and be able to communicate the scale, capacity, security, performance attributes, and requirements of the service(s) you own. We are subject matter experts, able to understand and communicate every characteristic of our service stack, such as: degradation and behavior under load of the services and their dependencies Instrumentation and metrics that clearly describe the service behaviors scaling requirements and patterns resiliency and recoverability, ensuring that backup/restore and disaster recovery capabilities are implemented, tested, and maintained Automation You will have a clear understanding of automation and orchestration principles, and will be eager to help automate, wherever and whenever the possibility arises, while simultaneously eliminating technical debt. Automation must be part of your DNA. Incidence Management - You will own and respond to customer incidents within the agreed-upon SLAs. You will manage the on-call for your services. Technical Experts - You will have a deep understanding of service topology and the dependencies required to troubleshoot issues and define mitigations. You will bring this expertise to bear in driving reliability improvements in the services you engage with. Cross-team collaboration You will engage with and present to a wide variety of audiences, ranging from individual contributors and teams to senior leadership Required Qualifications BS degree in Computer Science or related technical field 10+ years of Software Engineer experience. 3+ years experience of leading or managing a team of software engineers building network infrastructure. Led or managed teams responsible for distributed processing systems. Hands-on ability to Architect, design, and oversee development & implementation of features Understanding of service KPI metrics, alarms, logging, and system health Unit test, Feature test and system test planning, execution and automation. Resolving customer issues and handling escalations. Experience deploying code within change management procedures Experience working in an operational environment with mission-critical tier-two services with associated oncall responsibilities. Experience with mentoring and growing engineers building network infrastructure. Experience in Identity, Networking, Security related technologies is a plus Preferred Qualifications Hands-on experience developing services on a public cloud platform (e.g., AWS, Azure, Oracle) Building continuous integration/deployment pipelines with robust testing and deployment schedules Expertise in applying threat modeling or other risk identification techniques to develop security solutions Experience and understanding of Cryptograph, DDoS, CVE, CIS, SAST, DAST, or similar security and compliance knowledge Responsibilities As a manager of the software engineering division, you will apply your knowledge of software architecture to manage software development tasks associated with developing, debugging or designing software applications, operating systems and databases according to provided design specifications. Build enhancements within an existing software architecture and suggest improvements to the architecture. Qualifications Career Level - M3

About the Role: Aviatrix, the leader in multi-cloud network security, is seeking a highly motivated and skilled Enterprise Security Engineer (P3) to join our Security team. This mid-to-senior-level role is critical for enhancing the security posture of our enterprise systems and ensuring a robust defense against evolving threats. As a key team member, you will drive security initiatives, collaborate with our Detection and Response team, and address complex challenges in a fast-paced, innovative environment. This position requires a self-starter with a strong foundation in enterprise and cloud security, coupled with a track record of learning and adapting to emerging security trends. Responsibilities: Cloud & Infrastructure Security: Architect, deploy, and maintain security measures across our multi-cloud environments (AWS, Azure, GCP), including infrastructure hardening, configuration reviews, and continuous monitoring. Application & AI Security Review: Conduct security assessments of business-critical applications and AI/ML deploymentsperform threat modeling, secure code reviews, dependency scanning, and penetration tests to identify and remediate vulnerabilities. Platform & Tool Management: Design, configure, and manage core security platforms (SSO, IAM, MDM, SIEM, EDR/NDR, email security) to enforce policies consistently across both applications and infrastructure. Network Defense & Threat Detection: Evaluate, integrate, and optimize network security technologies (firewalls, IDS/IPS, VPNs) to strengthen protections against ransomware, DDoS, insider threats, and data leakage. Incident Response & SOC Partnership: Collaborate with the SOC to triage, investigate, and remediate incidents affecting applications or infrastructure, driving rapid response and post-incident learning. Requirements: Demonstrated experience conducting in-depth cloud infrastructure security reviewsassessing configurations, network architectures, and control implementations to identify and remediate risks. Hands-on experience architecting and securing cloud application deployed in AWS, with familliarty of other CSPs such as Azure and OCI, knowledge of each platforms native security services and best practices. Demonstrated application and AI security background: threat modeling, secure code reviews, dependency scanning, and penetration testing of business-critical applications. Solid understanding of network defense and threat detection technologiesfirewalls, IDS/IPS, VPNsand proven track record mitigating ransomware, DDoS, insider threats, and data loss. Familiarity with infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines to drive automated, secure deployments. Experience partnering with SOC teams on incident response, investigation workflows, and post-incident lessons learned. Excellent communicator and mentor, capable of sharing best practices, coaching junior engineers, and driving cross-functional security awareness. Relevant certifications are highly desirable, such as CISSP, CISM, CCSP, AWS Certified Security Specialty, Azure Security Engineer Associate, or equivalent. Show more Show less

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry for - 1. To Integrate securitytools,standards,andprocessesintothe productlifecycle(PLC). 2. EnsurethatdevelopersandQApersonnelaretrainedwiththeappropriatele velofsecurityknowledgetoperformtheir dailyactivities. 3. Improveandsupportapplicationsecuritytooldeploymentsincludingstaticanal ysisandruntimetestingtools and securedevelopmentstandards. 4. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/ regulator requirements. 5. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. 6. Manage the secure configuration/ hardening guidelines and compliance. 7. Should create and manage application security KPIs. KRIs compliance reports and dashboards. 8. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. 9. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). 10. Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. 11. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai) 12. Knowledge of Network and Data Security is a plus. Qualifications and Experience: 1. 8-10 years of hands-on experience in application security. 2. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. 3. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Excellent communication, interpersonal, analytical and problem-solving skills. 6. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 7-11 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines.Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms.- Additional Information:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Software Development Lead Project Role Description : Develop and configure software systems either end-to-end or for a specific stage of product lifecycle. Apply knowledge of technologies, applications, methodologies, processes and tools to support a client, project or entity. Must have skills : Automotive ECU Software Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Engineer, you will play a critical role in ensuring the security and safety of the client's software. Roles & Responsibilities:1.Performing threat analyses and conduct risk assessments to identify potential vulnerabilities in automotive systems, software, and communication networks.2.Reviewing code and software designs to ensure compliance with security best practices and industry standards like ISO 21434 and UNECE R155/R156.3.Conducting penetration testing and vulnerability assessments to proactively identify and mitigate weaknesses in automotive embedded systems before they can be exploited.4.Developing and implementing incident response plans to effectively handle cybersecurity breaches or incidents and minimize potential damage. Professional & Technical Skills: 1.In-depth knowledge and practical experience with various vehicle systems, including telematics, CAN bus, remote entry/start, OTA, EV charging are highly desired.2.Familiarity with relevant security standards and regulations, such as ISO/SAE 21434, ISO 27001, NIST Cybersecurity Framework, and UNECE R155.3.Experience with security testing tools and techniques, such as penetration testing, vulnerability assessments, and threat modelling. Additional Information:- The candidate should have a minimum of 5 years of experience in Automotive ECU Software- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

Educational Requirements Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advisesecurity controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Technical and Professional Requirements: Azure, AWS, GCP, Sentinel, GRC, Threat Analyst, NIST, MITRE ATT&CK, SOC2, ISO27001, ISO27002, Identity, Access management, Security Engineering, Security Automation, Resiliency, DevSecOps, SSDLC, SDLC, Threat Modelling, Risk Assessor, Security Audit, zero trust, ZTNA, conditional access Preferred Skills: Foundational->Cybersecurity Competency Management->Cyber Competency Strategy Planning

The Oracle Cloud Infrastructure (OCI) team can provide you the opportunity to build and operate a suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. OCI is committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the worlds biggest challenges. We offer unique opportunities for smart, hands-on engineers with the expertise and passion to solve difficult problems in distributed highly available services and virtualized infrastructure. At every level, our engineers have a significant technical and business impact designing and building innovative new systems to power our customers business critical applications. What is IAM at OCI? Identity and Access Management (IAM) allows users to control who has access to their cloud resources. As part of the Cloud Platform organization, the team is responsible for the design and build of core services that are utilized by internal and external customers alike. The Identity Control Plane team is primarily responsible for servicing CRUD API calls onall Identity-related entities like users, groups, policies, and compartments across all global regions while ensuring consistency and reliability. Who are we looking for? We are looking for engineers with distributed systems experience. You should have experience with the design of major features and launching them into production. Youve operated high-scale services and understand how to make them more resilient. You work on most projects and tasks independently. The ideal candidate will be technically strong and get a lot done youve worked on services that are highly available, scalable, and redundant. You understand that simple systems are easier to operate and troubleshoot. You can balance speed and quality with iteration and incremental improvements. Youve made life easier for other developers and have motivated your teams to make both process and service improvements with your ability to automate and instrument properly to get the right data. You understand operational excellence and how to instill a culture of being proactive with your teammates. You find anomalies in graphs that didnt trip any alarms and root cause problems before they become real problems. The person in this role will get a lot done on a daily basis, drive tactical execution of features and projects, and own feature design. What are the biggest challenges for the team? The biggest challenges for the team are reliability and performance. The growth of the business is driving us to improve the ability of our systems to scale out and handle traffic patterns that are several orders of magnitude greater than what we can support today. We understand that software is living and needs investment. The challenge is making the right tradeoffs, communicating those decisions effectively, and crisp execution. We need engineers who can build services that handle millions of requests per second. We need engineers who can figure out how we can survive regional data center outages and protect our customers. We need engineers who can build services that enable us to offer even more options to customers and contribute to the overall growth of Oracle Cloud. Required Qualifications 6+ years distributed service engineering experience in a software development environment Hands-on experience building and operating highly-available, high-traffic web services Experience developing service-oriented architectures and RESTful web services Strong development experience in Java, C++, C#, or similar OO languages Experience with at least one scripting language for automating tasks, proof of concept work, or command line tools Preferred Qualifications Domain knowledge of Identity and Access Management. Hands-on experience developing services on a public cloud platform (e.g., AWS, Azure, Oracle) Experience and understanding of multi-AD/AZ and regional data centers Building continuous integration/deployment pipelines with robust testing and deployment schedules Experience with Docker Experience working with internal customers and translating requests into prioritized work or features Expertise in applying threat modeling or other risk identification techniques to develop security solutions FedRAMP, PCI DSS, or similar compliance and auditing experience Experience working with large enterprise customers Responsibilities As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.

We are seeking a Senior Manager - Cyber Security who is a technical leader responsible for managing a team of cybersecurity engineers. This role involves developing and maintaining the end-to-end security architecture of products, working with cross-functional teams to implement cybersecurity standards, and driving the prioritization of security risks. Role and Responsibilities Manage, coordinate, and evaluate the work of the assigned cybersecurity department to ensure the security, confidentiality, integrity, and availability of systems, products, and services. Work with cross-functional teams to develop, document, and implement cybersecurity standards, best practices, and architectures . Manage the development and implementation of cybersecurity strategies . Skills Required Experience with threat modeling or other risk identification techniques and risk management. Experience in managing teams to identify strategic and tactical risk . Experience partnering and influencing cross-functional teams to drive security improvements. Experience in driving the prioritization of security risks/vulnerabilities and ensuring they are properly understood by the business and mitigated. Any Cybersecurity certification .

The Cybersecurity Advisor role involves supporting the development of products and systems resilient against cyberattacks, managing risk, and advising R&D teams at Digital Buildings. As a Cybersecurity Advisor, you will be part of the Global Cybersecurity Chapter and play a crucial role in ensuring the security of the organization's offerings. In this position, you will have the opportunity to: - Deploy Schneiders SDL (Secure Development Lifecycle) to enhance the security of products. - Serve as an expert facilitator on secure design, threat modeling, and vulnerability management practices. - Be the primary point of contact for cybersecurity issues related to a portfolio of offers. - Assist product owners in defining security requirements by leveraging your expertise in relevant cybersecurity standards and regulations. - Identify and communicate potential cybersecurity risks to relevant stakeholders. - Provide guidance to product teams on security best practices for design, automation, and tool selection. - Evaluate threats and vulnerabilities associated with the organization's offerings. - Lead and coordinate cybersecurity-related initiatives within the business unit. - Introduce innovative approaches to improve efficiency and effectiveness. - Support cybersecurity certifications for sites, teams, and offerings. - Establish a network of experts internally and externally for technical reviews, risk management, and customer engagement. Qualifications for this role include: - A degree in engineering, computer science, information systems, or equivalent experience. - Experience in application and/or platform development. - Proficiency in deploying secure development lifecycle practices to R&D teams. - Experience in leading working groups and driving change. - Knowledge of data privacy concerns. - Demonstrated competence in vulnerability management and risk-based decision-making. - Strong communication skills tailored to different audiences, including customers and business stakeholders. - Technical background to comprehend PC, cloud, and embedded product architecture, communication protocols, and networking equipment. This full-time position is based in Karnataka, Bangalore. The unposting date for this job is ongoing.,

As a Red Teaming & Web Application Security Specialist at Hitachi Digital, your primary responsibility will be conducting advanced offensive security assessments to identify vulnerabilities across applications, infrastructure, and processes. In this role, you will combine adversary simulation exercises (Red Team) with deep web application penetration testing to proactively uncover and address security weaknesses before they can be exploited by malicious actors. Key Responsibilities: - Red Teaming & Adversary Simulation: You will plan, execute, and document red team engagements that simulate realistic cyberattacks against the organization's systems, applications, and users. This will involve emulating threat actors" tactics, techniques, and procedures based on frameworks like MITRE ATT&CK. You may also need to conduct physical security assessments, social engineering campaigns (such as phishing and vishing), and insider threat simulations as required. Additionally, collaborating with the Blue Team to validate detection and response capabilities and providing actionable improvement plans will be part of your responsibilities. - Web Application Security: Your role will also include performing manual and automated web application penetration testing using tools like Burp Suite, OWASP ZAP, and custom scripts. You will be expected to identify, validate, and exploit vulnerabilities such as injection flaws, authentication bypass, XSS, CSRF, SSRF, and insecure deserialization. Working closely with development teams to remediate findings and ensure secure coding practices will be essential. Furthermore, conducting source code reviews to detect and eliminate security flaws will fall under your purview. - Security Research & Tool Development: You will be tasked with developing and maintaining custom tools, scripts, and exploits to enhance testing capabilities. Staying current with emerging attack vectors, zero-days, and security trends, as well as performing threat modeling and providing secure architecture recommendations, will be crucial aspects of your role. If you have a minimum of 7 years of experience in web security and red teaming, possess a passion for cybersecurity, and are eager to work with a top-tier SOC team, we invite you to join us at Hitachi Digital. Our team values diversity, equity, and inclusion, and we are committed to creating a culture where diverse perspectives and unique experiences are celebrated. At Hitachi Digital, you'll have access to industry-leading benefits, support for your holistic health and well-being, and flexible work arrangements designed to help you achieve a sense of balance and fulfillment in both your personal and professional life.,

We are looking for a skilled and experienced DevSecOps Engineer with specialized knowledge in Google Cloud Platform (GCP) to become a valuable member of our team. Your primary responsibility will be to ensure the security and integrity of our software development processes on GCP. Your proficiency in GCP, Rego policies, and Terraform will be essential in establishing a secure and effective development pipeline. As a DevSecOps Engineer, you will: - Develop, implement, and maintain Rego policies to enforce security controls and compliance standards in our GCP infrastructure and applications. - Collaborate with development and operations teams to integrate security into the GCP-focused CI/CD pipeline, automating security checks and scans seamlessly. - Utilize your GCP expertise to architect and deploy secure microservices and containerized applications, adhering to GCP security best practices. - Design and implement infrastructure-as-code (IaC) using Terraform to securely and efficiently define and manage GCP resources. - Conduct thorough security assessments on GCP environments using GCP-specific security tools to identify and mitigate potential vulnerabilities. - Perform threat modeling and risk assessments for GCP deployments, crafting tailored security solutions for GCP services. - Work with cross-functional teams to respond promptly to GCP-specific security incidents, conduct root cause analysis, and implement necessary corrective actions. - Stay updated on GCP advancements, industry security trends, and best practices, sharing your knowledge with team members. - Promote a culture of security awareness specific to GCP environments, ensuring security considerations are integrated throughout the development process. Requirements: - Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). - Proven experience as a DevSecOps Engineer with a strong focus on GCP. - Expertise in Rego policies and policy-as-code practices, particularly with implementation in GCP. - Deep understanding of GCP services, security controls, and best practices. - Proficiency in using GCP-specific security tools, vulnerability scanners, and penetration testing tools. - Experience with Wiz and its integration for continuous security monitoring in GCP environments. - Strong experience with infrastructure-as-code (IaC) using Terraform for GCP resource provisioning and management. - Familiarity with CI/CD pipelines and automation tools (e.g., Jenkins, GitLab CI/CD) with GCP integrations. - Solid knowledge of GCP security frameworks, standards, and compliance requirements. - Strong understanding of container security in GCP and experience securing microservices. - Excellent communication and collaboration skills, with a proven ability to work effectively in cross-functional teams. - Relevant GCP certifications such as Google Professional DevOps Engineer, Google Professional Cloud Security Engineer, or similar certifications are highly advantageous. If you are passionate about leveraging your GCP expertise, Rego policies knowledge, and Terraform skills to create a secure GCP development environment, we welcome you to join our team and contribute to our GCP-focused software security initiatives.,

As a Software Security Compiler Engineer at NVIDIA, you will play a crucial role in enhancing the security of GCC, LLVM, and NVIDIA proprietary compilers. Your responsibilities will include understanding, modifying, and improving these compilers to strengthen code hardening and security measures. By addressing vulnerabilities, crafting countermeasures, and implementing industry-standard solutions, you will contribute to creating a more secure computing environment. You will collaborate with a diverse team to analyze source and assembly code for vulnerabilities and work on cutting-edge deep-learning compiler technology. To excel in this role, you should have a minimum of 8 years of experience in Computer Science/Engineering or a related field. Proficiency in software security and code hardening techniques is essential, along with strong programming skills in C and C++. Your solid compiler knowledge and experience will be valuable in reviewing, coordinating, and implementing security measures. Effective communication, documentation skills, and self-motivation are also key attributes for success in this position. To distinguish yourself as a standout candidate, proficiency in compiler design and verification techniques, hands-on experience with Intermediate Representations such as LLVM IR/MLIR/Tensor IR, and expertise in threat modeling and vulnerability analysis of system software will be advantageous. Familiarity with security tooling like Static Analyzer Checkers, Compiler Instrumentation, Sanitizers, and Fuzzer Mutators, as well as experience in implementing offensive testing techniques against compiler mitigations, will further enhance your profile. NVIDIA offers competitive salaries and a comprehensive benefits package, making it a highly sought-after employer in the technology industry. If you are a creative and autonomous engineer with a genuine passion for technology, join us on this exceptional journey to shape the future of AI computing and security. Make a lasting impact on the world by becoming part of our team at NVIDIA!,

Yubi, formerly known as CredAvenue, is revolutionizing global debt markets by facilitating the flow of finance among borrowers, lenders, and investors. As the world's possibility platform for debt solutions, Yubi offers a diverse range of opportunities and provides you with the necessary tools to seize them. Having achieved the milestone of becoming India's fastest fintech unicorn in March 2022 through a Series B fundraising round of $137 million, Yubi embarked on its journey in 2020 with a vision to enhance the global institutional debt market using technology. Our two-sided debt marketplace connects institutional and HNI investors with corporate borrowers and debt products, streamlining the process of accessing debt capital and fostering investment opportunities. By offering a seamless platform for lending, investing, and trading bonds, Yubi disrupts the traditional debt ecosystem and introduces innovative avenues for digital finance. Job Description As a Security Engineer at Yubi, your primary responsibilities will include designing and implementing security controls for products throughout the Software Development Life Cycle (SDLC). You will be tasked with conducting threat modeling, security reviews, and vulnerability assessments, in addition to collaborating with development teams to integrate security best practices. Responding to, investigating, and remediating security incidents related to products are also crucial aspects of this role. Furthermore, you will develop and maintain security automation tools and scripts, perform secure code reviews and penetration testing, and research emerging security technologies and threats. Providing developer training on secure coding practices, documenting security guidelines, standards, and compliance requirements, and communicating risks and mitigation strategies to technical and non-technical stakeholders are integral components of this position. Requirements - Bachelor's degree in Computer Science, Information Security, or a related field. - Strong experience in application security, threat modeling, and vulnerability assessment. - Proficiency in secure coding practices and common security tools (e.g., SAST, DAST). - Familiarity with SDLC, DevSecOps, and cloud security principles. - Excellent communication skills and ability to collaborate across teams. Join Yubi today and be part of a dynamic team that is reshaping the landscape of global debt markets through innovation and technology. Unleash your potential with us!,